Author: arafatansari
Classification
CWE-ID: CWE-79
CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
CVSS-Score: 7.2
YesWiki before 2022-07-07 contains a cross-site scripting vulnerability via the id parameter in the AccueiL URL.
Reference
- https://huntr.dev/bounties/de4db96c-2717-4c0e-b7aa-eee756ca19d3/
Metadata
max-request: 1
verified: true
shodan-query: http.html:"yeswiki"